auth
2015-06-29
auth/replication-controllers/authd.json
Add kubernetes definitions. Define a replication controller that will spin up authd servers (using Ducky right now--other instances should rename the ducky parts appropriately). Also, my understanding of which labels go where may be shaky, which is probably evidenced by the fact that all of these things share the same lables. _Whatever_. It also hooks the generated pods up to the JWT secret volume, so they can properly read the JWT secret. Also, created a LoadBalancer Service that will route traffic to the pods created by the Replication Controller.
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/replication-controllers/authd.json Mon Jun 29 23:58:05 2015 -0400 1.3 @@ -0,0 +1,61 @@ 1.4 +{ 1.5 + "kind":"ReplicationController", 1.6 + "apiVersion":"v1", 1.7 + "metadata":{ 1.8 + "name": "ducky-authd", 1.9 + "labels": { 1.10 + "name": "authd", 1.11 + "context": "ducky", 1.12 + "repo": "secondbit--authd", 1.13 + "role": "auth" 1.14 + } 1.15 + }, 1.16 + "spec":{ 1.17 + "replicas":1, 1.18 + "selector":{ 1.19 + "context": "ducky", 1.20 + "name":"authd", 1.21 + "repo": "secondbit--authd", 1.22 + "role": "auth" 1.23 + }, 1.24 + "template":{ 1.25 + "metadata":{ 1.26 + "labels":{ 1.27 + "context": "ducky", 1.28 + "name":"authd", 1.29 + "repo": "secondbit--authd", 1.30 + "role": "auth" 1.31 + } 1.32 + }, 1.33 + "spec":{ 1.34 + "volumes": [ 1.35 + { 1.36 + "name": "jwt-volume", 1.37 + "secret": { 1.38 + "secretName": "jwt" 1.39 + } 1.40 + } 1.41 + ], 1.42 + "containers":[ 1.43 + { 1.44 + "name":"ducky-authd", 1.45 + "image": "secondbit/authd:latest", 1.46 + "volumeMounts": [ 1.47 + { 1.48 + "name": "jwt-volume", 1.49 + "readOnly": true, 1.50 + "mountPath": "/private/kubernetes/jwt" 1.51 + } 1.52 + ], 1.53 + "ports":[ 1.54 + { 1.55 + "name": "http", 1.56 + "containerPort":9000 1.57 + } 1.58 + ] 1.59 + } 1.60 + ] 1.61 + } 1.62 + } 1.63 + } 1.64 +}